Hi,

If I try to make an ssh-connection to another machine (or even localhost)
and try to open an xterm, the connection breaks:

magrat:~> echo $DISPLAY
:0.0

magrat:~> echo $USER
rince

magrat:~> ssh -v rince@localhost
SSH Version OpenSSH_2.2.0p1, protocol versions 1.5/2.0.
Compiled with SSL (0x0090581f).
debug: Reading configuration data /etc/ssh/ssh_config
debug: Applying options for localhost
debug: Applying options for *
debug: Seeding random number generator
debug: ssh_connect: getuid 1000 geteuid 1000 anon 1
debug: Connecting to localhost [127.0.0.1] port 22.
debug: Connection established.
debug: Remote protocol version 1.99, remote software version OpenSSH_2.2.0p1
debug: Local version string SSH-1.5-OpenSSH_2.2.0p1
debug: Waiting for server public key.
debug: Received server public key (768 bits) and host key (1024 bits).
debug: Forcing accepting of host key for loopback/localhost.
debug: Seeding random number generator
debug: Encryption type: 3des
debug: Sent encrypted session key.
debug: Installing crc compensation attack detector.
debug: Received encrypted confirmation.
debug: RSA authentication using agent refused.
debug: Trying RSA authentication with key 'rince@magrat'
debug: Server refused our key.
debug: Doing password authentication.
rince@localhost's password:
debug: Requesting pty.
debug: Requesting X11 forwarding with authentication spoofing.
debug: Requesting authentication agent forwarding.
debug: Requesting shell.
debug: Entering interactive session.
Last login: Mon Oct 23 21:02:14 2000 from localhost on pts/6
Linux magrat 2.2.17 #1 Mon Oct 2 00:39:59 CEST 2000 i686 unknown

Most of the programs included with the Debian GNU/Linux system are
freely redistributable; the exact distribution terms for each program
are described in the individual files in /usr/doc/*/copyright

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
You have mail.
Last login: Mon Oct 23 21:04:04 2000 from localhost
magrat:~>


magrat:~> /usr/X11R6/bin/xterm
Connection to localhost closed by remote host.
Connection to localhost closed.
debug: Transferred: stdin 0, stdout 669, stderr 81 bytes in 12.3 seconds
debug: Bytes per second: stdin 0.0, stdout 54.5, stderr 6.6
debug: Exit status -1


In the same time, the identd gives the following:

Oct 23 21:04:16 magrat oidentd[3377]: Connection from magrat.rince.de (194.120.0.20):2142
Oct 23 21:04:16 magrat oidentd[3377]: [194.120.0.20] Successful lookup: 2141 , 6010 : rince (rince)
Oct 23 21:04:16 magrat tcplogd: port 6010 connection attempt from rince@magrat.rince.de [194.120.0.20]
Oct 23 21:04:16 magrat tcplogd: auth connection attempt from magrat.rince.de [194.120.0.20]
--- Begin /etc/ssh/ssh_config (modified conffile)
Host *.rince.de *.xlink.net *.skydsl.de luggage magrat localhost serpens.de serpens.swb.de mail.anatom.uni-tuebingen.de
 ForwardX11 yes
 Cipher 3des
 UseRsh no

Host *
  RHostsAuthentication no
  RhostsRSAAuthentication no
  RSAAuthentication yes
  PasswordAuthentication yes
  FallBackToRsh no
  UseRsh no
  Cipher 3des
  ForwardX11 yes
  ForwardAgent yes

--- End /etc/ssh/ssh_config

--- Begin /etc/ssh/sshd_config
# This is ssh server systemwide configuration file.

Port 22
#Protocol 2,1
ListenAddress 0.0.0.0
#ListenAddress ::
HostKey /etc/ssh/ssh_host_key
ServerKeyBits 768
LoginGraceTime 600
KeyRegenerationInterval 3600
PermitRootLogin no
#
# Don't read ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes
StrictModes yes
X11Forwarding yes
X11DisplayOffset 10
#PrintMotd no
#PrintLastLog no
KeepAlive yes

# Logging
SyslogFacility AUTH
LogLevel INFO
#obsoletes QuietMode and FascistLogging

RhostsAuthentication no
#
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
#
RSAAuthentication yes

# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
PermitEmptyPasswords no
# Uncomment to disable s/key passwords
#SkeyAuthentication no

# To change Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#AFSTokenPassing no
#KerberosTicketCleanup no

# Kerberos TGT Passing does only work with the AFS kaserver
#KerberosTgtPassing yes

CheckMail no
#UseLogin no

#Subsystem	sftp	/usr/local/sbin/sftpd
#MaxStartups 10:30:60

Package: ssh
Version: 1:2.2.0p1-1

OpenSSH still seems to have problems with IPv6. I solved this
problem by starting the ssh daemon with the option "-4" to only
use IPv4 addresses. This should be added to the default
initscript until this issue is resolved.

The exact text to add is "-- -4" at the start-stop-daemon lines
in the start) and restart) target.

    Ingo

 I can't replicate this bug (ssh: X11-Forwarding is buggy and crashes
connections) with the current testing version of ssh - do you have
problems with it with the current testing version?

 Thanks,

 Jonathan.